Exploitdb Exploits

1,269 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104646 EXPLOITDB php
PHP 5.0.0 - 'fbird_[p]connect()' Local Denial of Service
by Yakir Wizman
EIP-2026-104649 EXPLOITDB php
PHP 5.0.0 - 'imap_mail()' Local Denial of Service
by Yakir Wizman
EIP-2026-104648 EXPLOITDB php
PHP 5.0.0 - 'hw_docbyanchor()' Local Denial of Service
by Yakir Wizman
EIP-2026-104647 EXPLOITDB php
PHP 5.0.0 - 'html_doc_file()' Local Denial of Service
by Yakir Wizman
EIP-2026-104670 EXPLOITDB php
PHP 7.0 - Object Cloning Local Denial of Service
by Yakir Wizman
EIP-2026-104655 EXPLOITDB php
PHP 5.0.0 - 'xmldocfile()' Local Denial of Service
by Yakir Wizman
EIP-2026-104645 EXPLOITDB php
PHP 5.0.0 - 'domxml_open_file()' Local Denial of Service
by Yakir Wizman
EIP-2026-104720 EXPLOITDB php
Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution
by Raz0r
EIP-2026-110748 EXPLOITDB php
PHP Real Estate Script 3 - Arbitrary File Disclosure
by Meisam Monsef
EIP-2026-114135 EXPLOITDB php
WordPress Plugin Ultimate Membership Pro 3.3 - SQL Injection
by wp0Day.com
EIP-2026-109669 EXPLOITDB php
My Little Forum 2.3.5 - PHP Command Injection
by hyp3rlinx
EIP-2026-113982 EXPLOITDB php
WordPress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite
by wp0Day.com
EIP-2026-113804 EXPLOITDB php
WordPress Plugin Gravity Forms 1.8.19 - Arbitrary File Upload
by Abk Khan
EIP-2026-110921 EXPLOITDB php
phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution
by Paolo Massenio
EIP-2026-114072 EXPLOITDB php
WordPress Plugin Social Stream 1.5.15 - wp_options Overwrite
by wp0Day.com
CVE-2016-10972 EXPLOITDB CRITICAL php
Tagdiv Newspaper < 6.7.2 - Improper Privilege Management
The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.
by wp0Day.com
CVSS 9.8
EIP-2026-114358 EXPLOITDB php
WordPress Theme Uncode 1.3.1 - Arbitrary File Upload
by wp0Day.com
EIP-2026-114315 EXPLOITDB php
WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting
by wp0Day.com
EIP-2026-114230 EXPLOITDB php
WordPress Plugin WP PRO Advertising System 4.6.18 - SQL Injection
by wp0Day.com
CVE-2016-4010 EXPLOITDB CRITICAL php VERIFIED
Magento <2.0.6 - Code Injection
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
by agix
CVSS 9.8
EIP-2026-113220 EXPLOITDB php
Web Interface for DNSmasq / Mikrotik - SQL Injection
by hyp3rlinx
CVE-2016-4313 EXPLOITDB HIGH php
eXtplorer 2.1.9 - Path Traversal
Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.
by hyp3rlinx
CVSS 7.8
EIP-2026-107799 EXPLOITDB php
Imagick 3.3.0 (PHP 5.4) - disable_functions Bypass
by RicterZ
EIP-2026-110935 EXPLOITDB php VERIFIED
PHPBack 1.3.0 - SQL Injection
by hyp3rlinx
CVE-2016-4071 EXPLOITDB CRITICAL php
PHP <5.5.34, <5.6.20, <7.0.5 - RCE
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
by Andrew Kramer
CVSS 9.8
By Source
All 1,269 Exploitdb 50,123 Writeup 46,583 Nomisec 21,106 Metasploit 3,189 Github 2,211 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,723 c 3,550 perl 2,854 html 2,053 php 1,332 bash 459 java 359 javascript 256 c++ 245 shell 67 go 41 postscript 25 xml 24